两节点互信
目的:
192.168.1.101 免密登录 192.168.1.102
环境信息
主机名 | IP地址 | 备注 |
---|---|---|
testos1 | 192.168.1.101 | testos1以下简称A |
testos2 | 192.168.1.102 | testos2以下简称B |
互信过程
#1、在A上生成公钥和私钥(一直回车直到结束)
cd
ssh-keygen -t rsa
#2、查看系统生成的公钥私钥对
ls -lsa /root/.ssh/*rsa*
#3、将A的公钥拷贝到B对应路径下(需要输入B的密码)
ssh-copy-id root@192.168.1.102
#4、进入B查看步骤3文件是否写入
[root@testos2 ~]# cat /root/.ssh/authorized_keys
#5、免密验证
ssh 192.168.1.102
互信完整过程
#1、在A上生成公钥和私钥(一直回车直到结束)
[root@testos1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:6SzaSGc30BbSlQBFsCM0DURJWAPgGwkZvYoj8FEP1as root@testos1
The key's randomart image is:
+---[RSA 2048]----+
|+=.BX=+*+... |
|+ +.+o.o... |
| + o.o+ o. |
|. = ..+.o |
|o+ . ..S |
|= . E= |
|.. . + = |
| . * o . |
| o . |
+----[SHA256]-----+
#2、查看系统生成的公钥私钥对
[root@testos1 ~]# ls -lsa /root/.ssh/*rsa*
4 -rw-------. 1 root root 1679 Sep 7 16:32 /root/.ssh/id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 16:32 /root/.ssh/id_rsa.pub
#3、将A的公钥拷贝到B对应路径下的文件里(需要输入B的密码)
[root@testos1 ~]# ssh-copy-id root@192.168.1.102
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.102 (192.168.1.102)' can't be established.
ECDSA key fingerprint is SHA256:1AeC9yOAxokwy7VF7TpyQGbhvryeblt1kRcxx3/9BBk.
ECDSA key fingerprint is MD5:fb:3c:24:0c:79:c4:e7:1f:19:ce:ef:cd:56:5f:4c:0a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.102's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.1.102'"
and check to make sure that only the key(s) you wanted were added.
#4、进入B查看步骤3文件是否写入
[root@testos2 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDV6iCGRxKkAkq8FImTno8TGBIcdG5rStxwKFDtYc+7YGx1Uq2jK8E7TbNbiqNTEdI5VqTDXHROjDrAQxqa1Its52qqZ6m34VukvVAn9rs/aX4YdDnPW4RQ1bXjPTqFnrnXQGCLx14oR80ay8Q2zH4kIR+fUEeWFTqs2H5Sa3+drd51DxfcaqyXcqUYotvs9gp6fckR94yTqcbxDjQnWAsFEv6jGKPCK5XwOHBusnxDxIATgZ2zhkhvkUBtDsLe+sDgwnEzMfdFlXBAy0I8a8rCNF9rG/8QHcfBLWvhAIifyhbdoDd1+1jGIMuW9FlguhfuGvAqPEE22YkChAPtqNgH root@testos1
#5、A免密登录B验证
[root@testos1 ~]# ssh 192.168.1.102
Last login: Wed Sep 7 14:34:14 2022 from 192.168.1.101
[root@testos2 ~]#
说明
#如上步骤3文件拷贝到B哪个路径下可以看B上的sshd配置
[root@testos2 /]# cat /etc/ssh/sshd_config|grep AuthorizedKeysFile
AuthorizedKeysFile .ssh/authorized_keys
#如上可以看出是用户家目录.ssh文件夹下的authorized_keys文件
#第3步会提示指纹认证
[root@testos1 ~]# ssh-copy-id root@192.168.1.102
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.102 (192.168.1.102)' can't be established.
ECDSA key fingerprint is SHA256:1AeC9yOAxokwy7VF7TpyQGbhvryeblt1kRcxx3/9BBk.
ECDSA key fingerprint is MD5:fb:3c:24:0c:79:c4:e7:1f:19:ce:ef:cd:56:5f:4c:0a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.102's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.1.102'"
and check to make sure that only the key(s) you wanted were added.
#输入yes之后会在A的/root/.ssh目录下生成known_hosts文件
[root@testos1 .ssh]# ls -lsa /root/.ssh/known_hosts
4 -rw-r--r--. 1 root root 175 Sep 7 16:40 /root/.ssh/known_hosts
[root@testos1 .ssh]#
[root@testos1 .ssh]# cat /root/.ssh/known_hosts
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
#如上A 上/root/.ssh/known_hosts文件里面的内容就是B的公钥,采用的是ecdsa方式生成的公钥
[root@testos2 ~]# cd /etc/ssh/
[root@testos2 ssh]# cat ssh_host_ecdsa_key.pub
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos2 ssh]#
#同时A连接B拷贝自己的公钥的时候,认证的指纹就是通过B的私钥加密的,B使用的私钥也是ecdsa,用以确定连接的是对的主机
[root@testos2 ~]# cd /etc/ssh/
[root@testos2 ssh]# ll
total 604
-rw-r--r--. 1 root root 581843 8 9 2019 moduli
-rw-r--r--. 1 root root 2276 8 9 2019 ssh_config
-rw-------. 1 root root 3907 8 9 2019 sshd_config
-rw-r-----. 1 root ssh_keys 227 12 2 2021 ssh_host_ecdsa_key
-rw-r--r--. 1 root root 162 12 2 2021 ssh_host_ecdsa_key.pub
-rw-r-----. 1 root ssh_keys 387 12 2 2021 ssh_host_ed25519_key
-rw-r--r--. 1 root root 82 12 2 2021 ssh_host_ed25519_key.pub
-rw-r-----. 1 root ssh_keys 1679 12 2 2021 ssh_host_rsa_key
-rw-r--r--. 1 root root 382 12 2 2021 ssh_host_rsa_key.pub
[root@testos2 ssh]# ssh-keygen -lf ssh_host_ecdsa_key
256 SHA256:1AeC9yOAxokwy7VF7TpyQGbhvryeblt1kRcxx3/9BBk ssh_host_ecdsa_key.pub (ECDSA)
[root@testos2 ssh]#
三节点间互信(IP)
环境信息
主机名 | IP地址 | 备注 |
---|---|---|
testos1 | 192.168.1.101 | testos1以下简称A |
testos2 | 192.168.1.102 | testos2以下简称B |
testos3 | 192.168.1.103 | testos3以下简称C |
各个节点的hosts设置
[root@testos1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.101 testos1
192.168.1.102 testos2
192.168.1.103 testos3
[root@testos1 ~]#
互信过程
#1.分别在A B C创建公钥和私钥
cd
ssh-keygen -t rsa
#2.在A上执行以下命令,整合公钥文件
#2.1
ssh 192.168.1.101 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#2.2
ssh 192.168.1.102 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#2.3
ssh 192.168.1.103 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#说明:
2.1 跑完 A自己互信成功
2.2 跑完 B-A之前互信了,但是没有指纹认证(B的known_hosts中没有A的信息,B ssh 连接 A需要输入一次yes但是不需要输入密码)
2.3 跑完 C-A之间互信了,但是没有指纹认证(C的known_hosts中没有A的信息,C ssh 连接 A需要输入一次yes但是不需要输入密码)
2.3跑完 A的authorized_keys收集到了ABC三个节点的公钥信息,同时A指纹认证ABC成功
#3.在A上执行以下命令,分发整合后的公钥文件
scp ~/.ssh/authorized_keys 192.168.1.102:~/.ssh/
scp ~/.ssh/authorized_keys 192.168.1.103:~/.ssh/
#3 跑完ABC之间相互持有了对方和自己的公钥,此时真正免密登录的只有 A—A、A-B、A-C,BC上没有known_hosts文件,所以B到其他节点(包含自己),C到其他节点(包含)第一次需要输入一次yes
#4.把A上的known_hosts文件传到其他BC节点
scp ~/.ssh/known_hosts 192.168.1.102:~/.ssh/
scp ~/.ssh/known_hosts 192.168.1.103:~/.ssh/
#4跑完之后相互之间的互相完成
#4跑完之后ABC ip地址之间ssh是互通的,但是因为各个节点的known_hosts文件中只记录了IP地址,没有记录主机名,所以主机名之间ssh的话,第一次还是需要指纹认证
#5.主机名加到known_hosts中(A节点操作)
ssh testos1
exit
ssh testos2
exit
ssh testos3
exit
scp ~/.ssh/known_hosts 192.168.1.102:~/.ssh/
scp ~/.ssh/known_hosts 192.168.1.103:~/.ssh/
说明
#1 结束之后各节点的信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 22:26 .
0 dr-xr-x---. 4 root root 159 Sep 7 22:25 ..
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 7 22:32 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 7 22:35 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos3 ~]#
#2 结束之后各节点的信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 22:26 .
0 dr-xr-x---. 4 root root 159 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:34 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
4 -rw-r--r--. 1 root root 525 Sep 7 22:34 known_hosts
[root@testos1 ~]#
[root@testos1 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos1 ~]# cat /root/.ssh/known_hosts
192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 7 22:32 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 7 22:35 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos3 ~]#
#3 跑完各个节点的信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 22:26 .
0 dr-xr-x---. 4 root root 159 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:34 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
4 -rw-r--r--. 1 root root 525 Sep 7 22:34 known_hosts
[root@testos1 ~]#
[root@testos1 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos1 .ssh]# cat known_hosts
192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos1 .ssh]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 12
0 drwx------. 2 root root 61 Sep 7 22:55 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:55 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos2 ~]#
[root@testos2 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos2 .ssh]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 12
0 drwx------. 2 root root 61 Sep 7 22:56 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:56 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
[root@testos3 ~]#
[root@testos3 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
#4跑完之后各个节点信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 22:26 .
0 dr-xr-x---. 4 root root 159 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:34 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
4 -rw-r--r--. 1 root root 525 Sep 7 22:34 known_hosts
[root@testos1 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos1 ~]# cat /root/.ssh/known_hosts
192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 23:09 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:55 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
4 -rw-r--r--. 1 root root 525 Sep 7 23:09 known_hosts
[root@testos2 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos2 ~]# cat /root/.ssh/known_hosts
192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 7 23:09 .
0 dr-xr-x---. 3 root root 147 Sep 7 22:25 ..
4 -rw-r--r--. 1 root root 1179 Sep 7 22:56 authorized_keys
4 -rw-------. 1 root root 1675 Sep 7 22:25 id_rsa
4 -rw-r--r--. 1 root root 393 Sep 7 22:25 id_rsa.pub
4 -rw-r--r--. 1 root root 525 Sep 7 23:09 known_hosts
[root@testos3 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSSVPiZltz1rEAztaq1BfiXzgn8NomWzyO1OUSlGXUstrHUD9BNcp7VQ4Y56rQGVqQ0t9FBdh7O7ahn1PwoOlu8KjWoGv0HF257kKe9Lee64XQf1/ZZdx6xrPMs2ZDoQzFsTWzQfMGmTY8OtLq7bsEIlL45Xsp8l3b7qD4VXJGRrFZxKe0aarN+yScc9gWEimP5gm8OHg3GNYOP1WOUgxIFLJRi1xVNg03+ZBOIMjqN922ndqm7UnzmhlX/qef9zJQjvWIsx1UK/fjEmiZeLrKsrKfwdN+XgqqvSErCxP86CSUMTNJlPnLoYoHeiST8PhwqdvwMu9EHJUmkL/2IupP root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZEmRyKVErCSSqq4SKLoGFQ9nb6wO2CI0kBNSPqjsOuYZzS3Mf/OOTFdmHhZy8u+gp4e6oM5h4bOFByHce6Lv5wcMnQkMpXbO/D3t3U0OLJeMSoz3/OIUmAS8f5zg2YkkE8QYRMck9NCLHe/7WEamwV+kkGXqIP6vNHJwQCD5la84z+YalEmiDIS0aSbOvNb4kPx31u+ez8HDp2iDGfl4Q1wmLZiWBhj5iu0AzURj49fHtbC5aK6iyS2BV5rDTeQiihY+gIlklWYN7oUXH7q6n1h92rmi5nq04rc6gpnqA6qcgzSviQRvskC7NApP+YysIX0O9d/TSZ6O833L/qraN root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGobnBNKzqVMQhTWAcn2OUOBQhDuFl0IdjL5jMIkh8JlDrPoVBFzA/BEcmOKyDRgQWVsF085VOC+RbMpoUIg9Kv+9lj0ms0OTQ4VIUkUH+cMVkOLGUFgjEQu9yQgxhxgg+4sAtYnXypoQdPXLr/uQfcpTTTO0lPiorj5HFp1etpN9fWM2/3WZaMZPw6r661OfB5XNBDV3toIRZ1iexSxaJr1suKb2ZzxaVsupEuJ9rBkV7WIAa/TIoHTHPP23WucceDv+PxMP1O6Zt6BkANbMBGME62PsJ2asRClW37YHTIikaQJpR6C7j6X1WvYkl6rKui7XuO+gzrakswRgeKKUf root@testos3
[root@testos3 ~]# cat /root/.ssh/known_hosts
192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos3 ~]#
三节点互信(主机名)
环境信息
主机名 | IP地址 | 备注 |
---|---|---|
testos1 | 192.168.1.101 | testos1以下简称A |
testos2 | 192.168.1.102 | testos2以下简称B |
testos3 | 192.168.1.103 | testos3以下简称C |
各个节点的hosts设置
[root@testos1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.101 testos1
192.168.1.102 testos2
192.168.1.103 testos3
[root@testos1 ~]#
互信过程
#1.分别在A B C创建公钥和私钥
cd
ssh-keygen -t rsa
#2.在A上执行以下命令,整合公钥文件
#2.1
ssh testos1 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#2.2
ssh testos2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#2.3
ssh testos3 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
#说明:
2.1 跑完 A自己互信成功
2.2 跑完 B-A之前互信了,但是没有指纹认证(B的known_hosts中没有A的信息,B ssh 连接 A需要输入一次yes但是不需要输入密码)
2.3 跑完 C-A之间互信了,但是没有指纹认证(C的known_hosts中没有A的信息,C ssh 连接 A需要输入一次yes但是不需要输入密码)
2.3跑完 A的authorized_keys收集到了ABC三个节点的公钥信息,同时A指纹认证ABC成功
#3.在A上执行以下命令,分发整合后的公钥文件
scp ~/.ssh/authorized_keys testos2:~/.ssh/
scp ~/.ssh/authorized_keys testos3:~/.ssh/
#3 跑完ABC之间相互持有了对方和自己的公钥,此时真正免密登录的只有 A—A、A-B、A-C,BC上没有known_hosts文件,所以B到其他节点(包含自己),C到其他节点(包含)第一次需要输入一次yes
#4.把A上的known_hosts文件传到其他BC节点
scp ~/.ssh/known_hosts testos2:~/.ssh/
scp ~/.ssh/known_hosts testos3:~/.ssh/
#4跑完之后相互之间的互相完成
#4跑完之后ABC 之间IP和hostname的互相都搞好了 直接ssh就可以互相连接,不同指纹认证
说明
#1 跑完各节点查询
[root@testos1 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 8 10:08 .
0 dr-xr-x---. 4 root root 159 Sep 8 10:08 ..
4 -rw-------. 1 root root 1679 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 8 10:08 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:08 ..
4 -rw-------. 1 root root 1675 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 8 10:09 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:09 ..
4 -rw-------. 1 root root 1679 Sep 8 10:09 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:09 id_rsa.pub
[root@testos3 ~]#
#2 结束之后各节点的信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 8 15:52 .
0 dr-xr-x---. 4 root root 159 Sep 8 10:08 ..
4 -rw-r--r--. 1 root root 1182 Sep 8 15:52 authorized_keys
4 -rw-------. 1 root root 1679 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
4 -rw-r--r--. 1 root root 549 Sep 8 15:52 known_hosts
[root@testos1 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM//HN70PzTafLDUq4VtaNNb78Uy65CrD1LmwLAx3+60sGnurUmmbc5Ls3hVCRJOFM6WmWYfpMOhRQ9ovZ5gKW3uTUdH8E8jxkwvfujsvFvXJgnv9G/akd6yS5OyiMEMoBvB02qRqTnMzXBn6ccCaBnZlgqYbiQpsLauha3FESF7qVV4bTU7Lthp7lHMpfwDfm9SimhbgiMZY4quaX23NVlNj/vJVDN3SW+HqwJBM/aXx9uGU/fMArBp42fLXZZjTb4CvuT1FKhCQhIc4fdP0I8pdLVpFW/p0LRbetAXmaFXcaEuo5wXFnGfDBXfey4gZaOX0B8q4Qb7h21+0W9sQH root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNH23WbgmRLyrrcKb2WLcCygfkezYZcpd3J2VyEgm/xT266z1D3MQviOTfJ9M1nvOxBN+X0qyovcOiK+mSCO68Q5zwhQR/0VqwkLo/93RU9fK8ZjsTKtxqC/g9n/eGCzPNCxZJs1Iy5xBVYsU/pdJfVGEUQUIeIyGfK+4/NfwWXDzXjm3c/DDrFJGU8OxZF9hghnGbtmStP2G2Ptwk6fDrhJ94hdiGCKtsxLdgO7T/w66OLUSomlXyYODnAm95Nb0BCs2zmBfD69LZR0RrvyIBzGX4M7HuvAXBRoL6Mg/btf60SNEKQRuFNJJk16HgVrbIV6EW+3lyyE+bzDuUs9oR root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBjvazbuX/1xJELPDhrICI8ougmnvtPCrLakerdC/5v6yzev21nI0tGWQB2TC0HEkr3ppNfmLmv9g+4cqOtyf0yRmDrBzu+jjx7Q6du4G2jOZseePKUJnGPUz9+/39VcmoQhFAuHCZbY8VYKiNcgKlmIe177RHBxHuKyD1Z3h29nbQPf+gYwgXR/EiXqZCj4l/gY6Q6cMaxvKGhRYUd6qyiA+aw7ddSSSbl1p3O+vbNwqOqa3PMZ502MGT8dtQMLn8Lug9SJclyXyTmPhiRWiZfIatquvsbMxym0v1P8LNvxCUoFblaGT3i7eW5fEtSZPY0RlGMjyHuKkfqbp83yHb root@testos3
[root@testos1 ~]# cat /root/.ssh/known_hosts
testos1,192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
testos2,192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
testos3,192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 8 10:08 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:08 ..
4 -rw-------. 1 root root 1675 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 8
0 drwx------. 2 root root 38 Sep 8 10:09 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:09 ..
4 -rw-------. 1 root root 1679 Sep 8 10:09 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:09 id_rsa.pub
[root@testos3 ~]#
#3跑完各节点的信息
[root@testos1 ~]# ls -lsa /root/.ssh/
total 16
0 drwx------. 2 root root 80 Sep 8 15:52 .
0 dr-xr-x---. 4 root root 159 Sep 8 10:08 ..
4 -rw-r--r--. 1 root root 1182 Sep 8 15:52 authorized_keys
4 -rw-------. 1 root root 1679 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
4 -rw-r--r--. 1 root root 549 Sep 8 15:52 known_hosts
[root@testos1 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM//HN70PzTafLDUq4VtaNNb78Uy65CrD1LmwLAx3+60sGnurUmmbc5Ls3hVCRJOFM6WmWYfpMOhRQ9ovZ5gKW3uTUdH8E8jxkwvfujsvFvXJgnv9G/akd6yS5OyiMEMoBvB02qRqTnMzXBn6ccCaBnZlgqYbiQpsLauha3FESF7qVV4bTU7Lthp7lHMpfwDfm9SimhbgiMZY4quaX23NVlNj/vJVDN3SW+HqwJBM/aXx9uGU/fMArBp42fLXZZjTb4CvuT1FKhCQhIc4fdP0I8pdLVpFW/p0LRbetAXmaFXcaEuo5wXFnGfDBXfey4gZaOX0B8q4Qb7h21+0W9sQH root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNH23WbgmRLyrrcKb2WLcCygfkezYZcpd3J2VyEgm/xT266z1D3MQviOTfJ9M1nvOxBN+X0qyovcOiK+mSCO68Q5zwhQR/0VqwkLo/93RU9fK8ZjsTKtxqC/g9n/eGCzPNCxZJs1Iy5xBVYsU/pdJfVGEUQUIeIyGfK+4/NfwWXDzXjm3c/DDrFJGU8OxZF9hghnGbtmStP2G2Ptwk6fDrhJ94hdiGCKtsxLdgO7T/w66OLUSomlXyYODnAm95Nb0BCs2zmBfD69LZR0RrvyIBzGX4M7HuvAXBRoL6Mg/btf60SNEKQRuFNJJk16HgVrbIV6EW+3lyyE+bzDuUs9oR root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBjvazbuX/1xJELPDhrICI8ougmnvtPCrLakerdC/5v6yzev21nI0tGWQB2TC0HEkr3ppNfmLmv9g+4cqOtyf0yRmDrBzu+jjx7Q6du4G2jOZseePKUJnGPUz9+/39VcmoQhFAuHCZbY8VYKiNcgKlmIe177RHBxHuKyD1Z3h29nbQPf+gYwgXR/EiXqZCj4l/gY6Q6cMaxvKGhRYUd6qyiA+aw7ddSSSbl1p3O+vbNwqOqa3PMZ502MGT8dtQMLn8Lug9SJclyXyTmPhiRWiZfIatquvsbMxym0v1P8LNvxCUoFblaGT3i7eW5fEtSZPY0RlGMjyHuKkfqbp83yHb root@testos3
[root@testos1 ~]# cat /root/.ssh/known_hosts
testos1,192.168.1.101 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
testos2,192.168.1.102 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
testos3,192.168.1.103 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIi7C3hUy4Ys30/TcBief4gi7TbSJbarWjL4zsBG7ZLS9J7RjXHKm10Den1Lf9L+nWA0+Au+R75GnyE664meTac=
[root@testos1 ~]#
[root@testos2 ~]# ls -lsa /root/.ssh/
total 12
0 drwx------. 2 root root 61 Sep 8 15:56 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:08 ..
4 -rw-r--r--. 1 root root 1182 Sep 8 15:56 authorized_keys
4 -rw-------. 1 root root 1675 Sep 8 10:08 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:08 id_rsa.pub
[root@testos2 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM//HN70PzTafLDUq4VtaNNb78Uy65CrD1LmwLAx3+60sGnurUmmbc5Ls3hVCRJOFM6WmWYfpMOhRQ9ovZ5gKW3uTUdH8E8jxkwvfujsvFvXJgnv9G/akd6yS5OyiMEMoBvB02qRqTnMzXBn6ccCaBnZlgqYbiQpsLauha3FESF7qVV4bTU7Lthp7lHMpfwDfm9SimhbgiMZY4quaX23NVlNj/vJVDN3SW+HqwJBM/aXx9uGU/fMArBp42fLXZZjTb4CvuT1FKhCQhIc4fdP0I8pdLVpFW/p0LRbetAXmaFXcaEuo5wXFnGfDBXfey4gZaOX0B8q4Qb7h21+0W9sQH root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNH23WbgmRLyrrcKb2WLcCygfkezYZcpd3J2VyEgm/xT266z1D3MQviOTfJ9M1nvOxBN+X0qyovcOiK+mSCO68Q5zwhQR/0VqwkLo/93RU9fK8ZjsTKtxqC/g9n/eGCzPNCxZJs1Iy5xBVYsU/pdJfVGEUQUIeIyGfK+4/NfwWXDzXjm3c/DDrFJGU8OxZF9hghnGbtmStP2G2Ptwk6fDrhJ94hdiGCKtsxLdgO7T/w66OLUSomlXyYODnAm95Nb0BCs2zmBfD69LZR0RrvyIBzGX4M7HuvAXBRoL6Mg/btf60SNEKQRuFNJJk16HgVrbIV6EW+3lyyE+bzDuUs9oR root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBjvazbuX/1xJELPDhrICI8ougmnvtPCrLakerdC/5v6yzev21nI0tGWQB2TC0HEkr3ppNfmLmv9g+4cqOtyf0yRmDrBzu+jjx7Q6du4G2jOZseePKUJnGPUz9+/39VcmoQhFAuHCZbY8VYKiNcgKlmIe177RHBxHuKyD1Z3h29nbQPf+gYwgXR/EiXqZCj4l/gY6Q6cMaxvKGhRYUd6qyiA+aw7ddSSSbl1p3O+vbNwqOqa3PMZ502MGT8dtQMLn8Lug9SJclyXyTmPhiRWiZfIatquvsbMxym0v1P8LNvxCUoFblaGT3i7eW5fEtSZPY0RlGMjyHuKkfqbp83yHb root@testos3
[root@testos2 ~]#
[root@testos3 ~]# ls -lsa /root/.ssh/
total 12
0 drwx------. 2 root root 61 Sep 8 15:57 .
0 dr-xr-x---. 3 root root 147 Sep 8 10:09 ..
4 -rw-r--r--. 1 root root 1182 Sep 8 15:57 authorized_keys
4 -rw-------. 1 root root 1679 Sep 8 10:09 id_rsa
4 -rw-r--r--. 1 root root 394 Sep 8 10:09 id_rsa.pub
[root@testos3 ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM//HN70PzTafLDUq4VtaNNb78Uy65CrD1LmwLAx3+60sGnurUmmbc5Ls3hVCRJOFM6WmWYfpMOhRQ9ovZ5gKW3uTUdH8E8jxkwvfujsvFvXJgnv9G/akd6yS5OyiMEMoBvB02qRqTnMzXBn6ccCaBnZlgqYbiQpsLauha3FESF7qVV4bTU7Lthp7lHMpfwDfm9SimhbgiMZY4quaX23NVlNj/vJVDN3SW+HqwJBM/aXx9uGU/fMArBp42fLXZZjTb4CvuT1FKhCQhIc4fdP0I8pdLVpFW/p0LRbetAXmaFXcaEuo5wXFnGfDBXfey4gZaOX0B8q4Qb7h21+0W9sQH root@testos1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNH23WbgmRLyrrcKb2WLcCygfkezYZcpd3J2VyEgm/xT266z1D3MQviOTfJ9M1nvOxBN+X0qyovcOiK+mSCO68Q5zwhQR/0VqwkLo/93RU9fK8ZjsTKtxqC/g9n/eGCzPNCxZJs1Iy5xBVYsU/pdJfVGEUQUIeIyGfK+4/NfwWXDzXjm3c/DDrFJGU8OxZF9hghnGbtmStP2G2Ptwk6fDrhJ94hdiGCKtsxLdgO7T/w66OLUSomlXyYODnAm95Nb0BCs2zmBfD69LZR0RrvyIBzGX4M7HuvAXBRoL6Mg/btf60SNEKQRuFNJJk16HgVrbIV6EW+3lyyE+bzDuUs9oR root@testos2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBjvazbuX/1xJELPDhrICI8ougmnvtPCrLakerdC/5v6yzev21nI0tGWQB2TC0HEkr3ppNfmLmv9g+4cqOtyf0yRmDrBzu+jjx7Q6du4G2jOZseePKUJnGPUz9+/39VcmoQhFAuHCZbY8VYKiNcgKlmIe177RHBxHuKyD1Z3h29nbQPf+gYwgXR/EiXqZCj4l/gY6Q6cMaxvKGhRYUd6qyiA+aw7ddSSSbl1p3O+vbNwqOqa3PMZ502MGT8dtQMLn8Lug9SJclyXyTmPhiRWiZfIatquvsbMxym0v1P8LNvxCUoFblaGT3i7eW5fEtSZPY0RlGMjyHuKkfqbp83yHb root@testos3
[root@testos3 ~]#